Who should attend
This course is designed for information security personnel tasked with the defense of critical systems, networks, and infrastructure, as well as system administrators, advanced programmers, web developers, and database administrators.
About the course
As businesses become more dependent on interconnected systems for survival, they recognize a need to train their own personnel in assessment, exploitation, and remediation techniques. These “red teams” are becoming vital to organizations by exposing vulnerabilities early, implementing remediation procedures, and continually assessing the effectiveness of security strategies within an ever-changing threat landscape. This lab-based course will provide students with an understanding of the fundamental threat vectors and exploitation techniques used to penetrate systems and networks.
What You Will Learn
- The penetration testing cycle from Recon to Impact Assessment
- Social engineering attacks and impacts
- Tools and techniques used for exploiting vulnerabilities
- Network enumeration and vulnerability assessment
- Exploitation fundamentals and post-exploitation implications
- Web applications assessment
- Basic fuzzing for vulnerabilities
- How to create a culture of security throughout an organization
How You Will Benefit
- Gain understanding of the threat vectors used to penetrate systems and networks.
- Explore both classic and modern attacks and their impacts.
- Gain a deep understanding of the penetration testing process.
- Explore industry standard tools and techniques for exploiting vulnerabilities and assessing impact.
- Work along with instructor in a custom, virtualized, lab-based environment supporting each topic.
PENETRATION TESTING CYCLE
- Research, Recon, Exploitation, Post Exploitation, Impact Assessment
- Explore the synthesis of all aspects of the cycle
VULNERABILITY IDENTIFICATION AND EXPLOITATION
- Network enumeration
- Determine which vectors are most likely to achieve our goals
- Identify appropriate tool set
- Discuss difference between “clean room” exploitation tutorials and real world pentesting exercises
- Introduce client-side exploitation
- Explore the universe of possibilities after successful compromise
- Credential discovery and reuse
- Lateral movement
- History and road to modern techniques
- Basic techniques for identifying software vulnerabilities
Trevor Lewis is a Research Scientist, Professional Education instructor, and Penetration Tester for the Georgia Tech Research Institute. Trevor has nearly a decade of experience in information security including architecting security operations, computer network defense, penetration testing, and ...
Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.
We are happy to help you find a suitable online alternative.